Blog

Mozilla Security Blog: Mozilla just released an update to Firefox for Desktop, Thunderbird and SeaMonkey. Updates are now available for: Firefox for Windows, Mac and Linux (final release) Firefox for Windows, Mac and Linux (3.6.21 final release) Firefox Aurora for Windows, Mac and Linux Firefox Nightly for Windows, Mac and Linux SeaMonkey (2.3.2) Thunderbird (6.0.1) We strongly recommend that all users upgrade to these releases. If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. Users can also manually check for updates if they do not want to wait for the automatic update. ...

Acrobat Blog: We are excited to announce that Adobe CreatePDF application is now available on iOS. With this, Adobe brings rich, high-fidelity and Acrobat-like PDF creation to the iOS devices. You can now convert all your documents on iPad, iPhone & iPod touch devices to PDF for reliable, secure sharing and viewing across PCs, tablets & Smartphones. The application uses Adobe’s online PDF Creation service for conversion of files to PDF thereby ensuring no compromise on quality and performance. ...

H-Online: A vulnerability in its forum software has been exploited by a hacker to compromise mobile phone maker Nokia‘s developer forum. The attacker used SQL injection to access the forum database at developer.nokia.com and, according to Nokia, obtained email addresses of registered users. Where configured to be publicly available, the table also includes details such as the user’s date of birth, web site URL and Skype, ICQ or other IM username; this is reported to be the case for around 7 per cent of users. The database did not contain passwords or credit card information. The issue does not, according to Nokia, affect any other Nokia accounts. ...

Schneier on Security: It’s hard to know how serious this really is: The screenshots appear as B-roll footage in the documentary for six seconds­between 11:04 and 11:10 minutes — showing custom built Chinese software apparently launching a cyber-attack against the main website of the Falun Gong spiritual practice, by using a compromised IP address belonging to a United States university. As of Aug. 22 at 1:30pm EDT, in addition to Youtube, the whole documentary is available on the CCTV website. ...

Microsoft Malware Protection Center: We’ve had reports of a new worm in the wild and that generates increased RDP traffic for our users on port 3389. Although the overall numbers of computers reporting detections are low in comparison to more established malware families, the traffic it generates is noticeable. The worm is detected as Worm:Win32/Morto.A and you can see a detailed description of at http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A. Morto attempts to compromise Remote Desktop connections in order to penetrate remote systems, by exploiting weak administrator passwords. Once a new system is compromised, it connects to a remote server in order to download additional information and update its components. It also terminates processes for locally running security applications in order to ensure its activity continues uninterrupted. Affected users should note that a reboot may be required in order to complete the cleaning process. ...

I posted this without spell-check or grammar check, without review etc, just think and write and post: I think its not just me that sometimes get confused in his life, Don’t know what to do and what should not do, It happen for everyone and that’s life, now its like that for me. It’s about 5-6 years that I finished my school, and yet nothing has happened in my life, no stable job, yet I own nothing in my life, not a Home or a room, not a car or anything else that worth anything. Don’t get me wrong, money is not all, during these years I’ve earned nothing, either money or certified or reputation or even a good routine in my life. ...

Start of AV 12 Betatest! It starts from today and ends on 29th of September 2011. Finally after a long time Avira started Betatest of Avira AntiVir 12. If you would like to test this build and feature beta releases, you can register in Avira BetaCenter: http://betacenter.avira.com More Info: http://techblog.avira.com/2011/09/08/avira-products-version-2012-for-windows-now-available-for-beta-testing/en/

Sunbelt: Facebook recently published a guide for it’s users on how to secure their online accounts from anything that threatens one’s Facebook security. Among those covered are Wall, Chat, and Comment spams, weak passwords, fake applications, and account hacking. Personally, I’m quite happy that Facebook is actually doing something that concerns user security, despite it being quite late come to think about it. Still, better to have something than nothing. ...

H-Online: The phpMyAdmin developers have announced the release of versions 3.4.4 and 3.3.10.4 of their open source database administration tool. According to the security advisory, these maintenance and security updates close a hole (CVE-2011-3181) in the Tracking feature that leads to multiple cross-site scripting (XSS) vulnerabilities. The exploit was discovered by Norman Hippert and is caused due to improper sanitisation when input is passed to the table, column and index names. For an attack to be successful, an attacker must be logged in via phpMyAdmin. Versions 3.3.0 to 3.4.3.2 are affected and the developers consider the problem to be serious. Updating to phpMyAdmin 3.3.10.4 or 3.4.4 fixes the problem. Alternatively, users can apply the provided patches. ...

SophosLabs: Steve Jobs has now done what many of us thought would happen sooner or later – stepped off the very prestigious CEO plinth, taking a less taxing role as chairman of the Apple board. The new CEO will be Jobs’ right-hand man Tim Cook. Despite Jobs having been on medical leave since January this year, the markets were all a tumble once the news of his resignation hit the markets, with Apple share prices dipping at one point by 5%. ...